Tuesday, January 24, 2012

Tune nscd(name service cache daemon)

nscd provides caching for the passwd,group,and hosts tables, it can boot performance for situations, in which the tables need to be serviced remotely e.g. LDAP authentication and DNS.
However, sometimes, it cause trouble.In Red Hat Linux 5 , nscd always return the old entry until the TTL(default is 1hour) is reached, even restarting nscd won’t flush the cache.
There are two solutions:1.Disable persistent caching

#Persistent caching is enabled by default

$cat /etc/nscd.conf

persistent passwd yes

persistent group yes

persistent hosts yes

positive-time-to-live hosts 3600

#So the entries are saved to relative tables

$rpm -ql nscd

..

/var/db/nscd/group

/var/db/nscd/hosts

/var/db/nscd/passwd…

#change them to no

persistent passwd no

persistent group no

persistent hosts no

With persistent caching disabled, restart nscd will discard the entries in memory.2.Flush entries by invalidating the table
The entries in tables (group/passwd/hosts) can manually flushed by the ‘invalidate ‘parameter.

$nscd --invalidate=hosts

Since it is natural for anyone to try restart nscd to resolve the issue and the operation of rebuilding cache is not expensive, I think option 1 is better.